Thursday, June 18, 2009

We’ve talked about this before, but the paperless boarding pass pilot program is picking up steam and I thought I’d give you an update.

It was just rolled out at the Cincinnati-Northern Kentucky International Airport. Check out the press conference with CVG Federal Security Director Paul Wisniewski and Delta Field Director Paul Baird, along with a brief demonstration.

The program rolled out in 2007 and is now operating at the following 20 airports:

So what do we mean by paperless? Are boarding passes being made out of plastic? Nope… Passengers will be able to receive their boarding passes on their cell phones or PDAs.

Why are we doing this? Well, it’s hip to be green, right? That’s kind of cool, but this has some other perks. First off, you don’t have to worry about that troublesome boarding pass any longer. Now the boarding pass is your phone. You’re far less likely to lose your phone than you are your tickets.

The paperless boarding pass is also meant to counter fraudulent paper boarding passes that could be created and printed from home, since a forged pass won't carry a valid airline signature.

The paperless boarding pass has a two-dimensional, state-of-the-art, tamper-resistant super duper bar code as well as your name and flight information. Our Travel Document Checkers (TDCs) will scan your paperless boarding pass as seen in the video above.

I bet you're wondering how the two-dimensional, state-of-the-art, tamper-resistant super duper bar code works? I can't just give something a title like that and not take the time to explain it, can I?

Unlike the usual one-dimensional single-line bar code you would normally see on a box of Cap'n Crunch, this bar code is two-dimensional, so it can hold a lot more data. It carries your passenger and flight information along with authentication information from the airline: a digital signature the airline computes over those fields with its own private key, which the TSA scanner checks against the airline's public key. TSA is also working with the airlines to put the same type of bar code on paper boarding passes. How is it tamper resistant, you might ask? Well, you could manipulate the data in the code if you really wanted to, but any change breaks the signature, and the scanner will reject the pass. One point worth being clear on: a signature proves the information hasn't been altered; it doesn't hide it. The passenger details in the code can be read by any 2D bar code reader, so treat a paperless pass like a paper one and don't hand it around.

As long as your phone/PDA can receive and open attachments and you're flying out of one of the airports listed above on a participating airline on the second Tuesday of the month, you can take part in this pilot program. (OK, I was kidding about the second Tuesday of the month…)

I think I will pass...and this would be great for a hacker to steal any information. Encryption??? Just need to find a good decryption algorithm and a really fast computer...and don't trust the scanners to not save any information or not contain any other personal info. :p

Sorry, anonymous, but a properly implemented encryption system is more than secure enough. Sure, a "really fast computer" can brute-force any encryption, but if the brute-force pass takes longer than the time until the flight, the "decryption" is useless.

I suspect what is being described here is actually a digital signature, to make sure the data in the bar code has not been tampered with. That's fine, as long as the folks implementing the signature code stay on top of developments in the encryption world, moving to new signature standards as they are released.

Will our date-of-birth and/or gender be encoded in the 2D barcode under the "Secure Flight" dragnet? How about home address?

Will TSA use these barcodes to create a database of who passes through checkpoints, and when and how often they do so? Every time they scan a BP, they can store the info. Maybe they'll store it in the same database along with the "un-savable" virtual strip-search machine image that they want for all of us. :(

Encryption and digital signatures are great, but the devil is in the implementation details. Is the data on the barcode truly encrypted, or is it just signed by the airlines' private key? If that's the case, anyone who finds a 2D-barcode BP on the ground can get all the personal info, because a tamper-resistant signature (which I suspect is TSA's main/real concern) does not mean the data itself isn't in plaintext.

And all it will take to make fake boarding passes is to compromise the private signature key of one airline. Someone will either bribe an airline employee or just start a brute force attack on one of the signature keys. I'm not very confident that TSA will mandate reasonably secure signature keys (2048-bit public/private keypairs, and a modern hash function that excludes those that have been compromised in the last few years like MD5 and SHA-1).

TSA has such a terrible history, and there's just so much opportunity for screwup here. It seems inevitable that either there will be a major breach of private information or an early and obvious breach of the technique's "security" or a major overreach by TSA in creating a database of those who pass the TSA checkpoint. Or all of the above.

You do know that's going to change in about a week and a half? This EXACT thing has been tried before... MA has a 2D bar code on the back of every license.... and within weeks of it happening, half the bars in the state had readers for them.

I mean, if it's just a bar code, it's going to get figured out really quickly. What I didn't see (maybe I missed it) in your write-up was how it works beyond the bar code.

If it's properly designed, that bar code would have to have all the boarding pass information plus a digital signature.

If that's what it is, then revealing that that is how it works shouldn't decrease the security at all. In fact, I would say that if it's designed in such a way that telling people how to read the bar code would decrease the security... then you did it wrong, and it's going to be broken.

> I think I will pass...and this would be great for a hacker to steal any information. Encryption??? Just need to find a good decryption algorithm and a really fast computer...and don't trust the scanners to not save any information or not contain any other personal info. :p

You make some good points, but one of the examples I have always liked is military troop movement data. Does it need to be kept private and secure today? Absolutely. However, if the enemy cracks it next week... who cares? It's not valid anymore.

So there is an inherent security in these tokens in that they are of very limited usefulness. Even if I can steal your token and gain entry... when you show up stammering and protesting that you have a valid boarding pass and the system shows a duplicate.... it's not like I (the perp in this case) am long gone... I am sitting in a numbered seat.

Even just outright forging them for seats, unless you happen to have access to the empty seats list, and be sure that nobody got bumped to one of those seats... it's going to be pretty risky to use. NOTHING deters crime like a high risk of being caught.

The real concern in my eyes is what other info might be in there. Honestly, all it needs to be is a random number, then you just keep a whitelist of good numbers for each flight.... simple and deadly effective.

Oh, my last solution was wrong. I was thinking security in terms of fraud, and what would stop dishonest people.

A simple random serial number would work if you don't care who uses the pass, as long as it's the right person (so a "collision" where two people show up naturally indicates either a major system screwup, or a cheater).

To actually verify ID, you need to put the ID into the token, and use a digital signature. A little more data, but not hard at all.

In fact, I almost wonder if the size of the "message" being small and of a defined format might make a birthday attack on the message digest impractical.

Of course, then you want to be expiring and generating new keys on a regular basis.... but I guess it does no good me designing the system... I am really curious how the one you implemented works (again, I point out, the technology exists to do this such that knowing the details doesn't make attack easier, so if that's not the case, you did it wrong).

You both make very good points. Brute force decryption is very tedious and definitely not worth the hassle if you're trying to steal someone's boarding pass. However, assuming that other personal data is there, then maybe there might be some use. I am not really concerned about boarding pass fraud, more into the privacy concerns. Even if a hacker gains the name and maybe even the address of a passenger, then privacy is compromised. With internet research, a hacker can gain more information including phone numbers, credit information, and others (as long as name and address are provided). A good stalker's dream, as long as he/she doesn't mind the risk of getting caught and the huge penalties.

Sorry, but I have not done much research with barcode encryption/decryption. Thus, I don't have much knowledge of those. The closest thing I've seen is magnetic card readers... I saw a presentation on how easy it is to read driver license information with just a basic card reader... quite interesting! :)

...And just in case you are wondering, I do NOT perform or encourage illegal hacking. I am just really interested in and have studied digital security. :)

I should hope that the barcode is encrypted.... It seems like what people are worried about is the actual security of the barcodes, but it wouldn't be an issue if they were encrypted using SHA-1 or something. Using a secure passkey would make the system take so long to brute-force, it wouldn't be worth it.

Two questions: First, am I allowed to take my cell phone through the detector if it has the boarding pass code on it? If not, it will add time to the process, because the phone will have to be retrieved before I can present it to the guard after the metal detector.

Second question: you say "The paperless boarding pass will also prevent fraudulent paper boarding passes that could be created and printed from home." That of course is only true if only paperless boarding is accepted. How do you plan to work with people who don't have cell phones or PDAs?

A lot of talk about ID fraud going around. But what you all need to understand is this machine is just taking all the information that's already on your paper boarding passes and transferring it into a ridiculously difficult to copy format. Your name and information on the flight, the same amount of information about yourself that you have been happily giving the airlines when you check in for years. Even if the code was cracked and they could make a copy of the code, all that would mean is they have a copy of a digital boarding pass that someone else should also have while boarding the plane that day. They will probably randomly generate different codes for every single pass ever, so no single pass will ever have the same bar code, like a fingerprint. At least that's how I understand this should work, I could be wrong.

It's a very secure barcode. It's actually a two-step process:
1: ROT-13
2: 4 'wheel' rotating 40 bit enigma using the ciphertext of "DoYoUwAnTtfLyToDaY" that has been XOR'd with the Julian date and time of issue.

> Two questions: First, am I allowed to take my cell phone through the detector if it has the boarding pass code on it? If not, it will add time to the process, because the phone will have to be retrieved before I can present it to the guard after the metal detector.
>
> Second question: you say "The paperless boarding pass will also prevent fraudulent paper boarding passes that could be created and printed from home." That of course is only true if only paperless boarding is accepted. How do you plan to work with people who don't have cell phones or PDAs?

To answer your first question, all the airports that accept the paperless boarding pass shouldn't be checking boarding passes at the metal detector anymore. This was adopted to avoid adding extra time to the trek through security.

You have a good point on your second question. We haven't been told that we are going to stop accepting paper boarding passes any time soon. Unless Bob knows something we don't, you should be fine with paper boarding passes for quite some time into the future.

All the information used for the electronic boarding pass is the same information used on the paper boarding pass. The paper boarding pass is printed up off the computer, therefore all of the information used to purchase this ticket is being stored in a computer anyway. Whatever database the airlines store this information in hasn't changed. It is all the same except they send a copy to your PDA that can be read right from your electronic device, instead of printing it. This does not make your information any more susceptible to being stolen. The information is not stored anywhere on TSA's end. It is simply there for a matter of seconds while the TSO compares your ID to the information. Then it disappears. No matter what the TSA does (and this is the airlines' doing, by the way) you people will moan and complain. You're never happy. And you wonder why no one takes your complaints seriously.

Not to be a nitpicker (which of course means that's exactly what I am about to be), but SHA-1 is a hash, not an encryption.

Hash = One way Function (original data can't be recovered)

Encryption = two way (original data can be recovered with the appropriate key)

You can combine the two. Since encryption is computationally expensive, and hashing is relatively "cheap", you can hash a message to create a "secure" checksum (secure in this case just means that it would be very hard to come up with another legitimate message that hashes to the same value) and then encrypt the hash with a private key.

This creates a "digital signature". Verification means computing the hash, and then using the public key to decrypt the encrypted hash.

If the two are the same, then you have a high degree of confidence* that the message wasn't tampered with since the public key decrypted the hash and the hash of the message matched the hash that you decrypted.

(* theoretically it's possible to have a collision of some sort... a message that generates the same hash, or a bad decryption key would decrypt the hash to a random value, which could randomly match.... but with most hashes being 128 bits or so, the chances of that are so unlikely that I have yet to hear anyone seriously talk of the possibility)
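The post's signed bar code and the hash-then-sign construction the comment above describes, as an added example that is not code from the blog post, TSA or any airline. It assumes a pipe-delimited payload, a '#' separator before the signature and Ed25519 (the page does not say which hash, cipher or key length the airlines use); the sample pass is constructed. It shows the three properties the thread keeps circling: a genuine pass verifies, an edited one does not, and the passenger fields are readable whether or not the signature checks out.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/base64"
	"errors"
	"fmt"
	"strings"
)

// BoardingPass carries the fields the post says the bar code holds: the
// passenger's name and flight information. The field set and the
// pipe-delimited layout are assumptions for this example, not the
// airline format.
type BoardingPass struct {
	Name, From, To, Flight, Date, Seat string
}

// Payload is the plaintext record that gets signed and then encoded into
// the 2D bar code. Nothing here is encrypted: any scanner can read it.
func (bp BoardingPass) Payload() string {
	return strings.Join([]string{bp.Name, bp.From, bp.To, bp.Flight, bp.Date, bp.Seat}, "|")
}

func parsePayload(payload string) (BoardingPass, error) {
	f := strings.Split(payload, "|")
	if len(f) != 6 || len(f[3]) < 2 {
		return BoardingPass{}, errors.New("malformed payload")
	}
	return BoardingPass{f[0], f[1], f[2], f[3], f[4], f[5]}, nil
}

// Issue is the airline side: sign the payload with the airline's private
// key and append the signature. The '#' separator is an assumption.
func Issue(bp BoardingPass, airlineKey ed25519.PrivateKey) string {
	payload := bp.Payload()
	sig := ed25519.Sign(airlineKey, []byte(payload))
	return payload + "#" + base64.StdEncoding.EncodeToString(sig)
}

// Checkpoint is the scanner side: the public keys it trusts, keyed by the
// two-letter airline code that prefixes the flight number (e.g. "DL").
type Checkpoint map[string]ed25519.PublicKey

// Verify parses the bar code contents and checks the airline signature.
// It returns the parsed pass (readable even when the check fails, which is
// the privacy point made in the thread) and whether the signature is genuine.
func (c Checkpoint) Verify(code string) (BoardingPass, bool) {
	i := strings.LastIndex(code, "#")
	if i < 0 {
		return BoardingPass{}, false
	}
	payload, sigB64 := code[:i], code[i+1:]
	bp, err := parsePayload(payload)
	if err != nil {
		return BoardingPass{}, false
	}
	sig, err := base64.StdEncoding.DecodeString(sigB64)
	if err != nil || len(sig) != ed25519.SignatureSize {
		return bp, false
	}
	pub, known := c[bp.Flight[:2]]
	if !known {
		return bp, false // unknown or untrusted issuer
	}
	return bp, ed25519.Verify(pub, []byte(payload), sig)
}

// TamperName edits the name field but keeps the original signature,
// which is all a forger without the airline's private key can do.
func TamperName(code, newName string) string {
	rest := strings.SplitN(code, "|", 2)
	if len(rest) != 2 {
		return code
	}
	return newName + "|" + rest[1]
}

func main() {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	scanner := Checkpoint{"DL": pub}
	// Constructed sample pass; the details are made up for the example.
	bp := BoardingPass{"DOE/JANE", "CVG", "ATL", "DL1234", "18JUN09", "14C"}
	code := Issue(bp, priv)
	fmt.Println("bar code contents:", code)

	_, ok := scanner.Verify(code)
	fmt.Println("genuine pass verifies:", ok)

	forged := TamperName(code, "MALLORY/EVE")
	got, ok := scanner.Verify(forged)
	fmt.Println("edited pass verifies:", ok, "- fields still readable:", got.Name, got.Flight)
}
```

The scanner needs nothing secret, only the airlines' public keys, so publishing how the code is read does not weaken it; what would weaken it is an airline's private key leaking, which is why the key registry is per issuer and can be rotated.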

What if it simply fails to work? You have to get out of line, go back to a ticket counter, wait in line to print a boarding pass, and go through security all over again.

By that time, you may have missed your flight, much less a connecting flight.

Sorry, I love my iPhone but don't trust this enough to be willing to miss my flights just to save one piece of paper.

-----------------------------

I work at one of these airports which uses this new technology.

It does happen that sometimes there is a failure for the equipment to read one of these tickets.

What we do is direct the person back to the ticket counter, but not to wait in line. They can go right up to their airline ticket counter, get a new ticket. Or better yet, if there is a self-check-in machine, use that.

Then the person is allowed to come back up to the front of the TSA line. Again, no waiting.

So if it doesn't work, it really doesn't take much more time to get through.

However, and I do not have a percentage, this electronic failure very rarely happens.

> EPIC FAIL for a "universal" system.

It is not for everyone. Only frequent fliers receive this technology as of now. It is just a trial. It may not even make it outside of its trial period. And if it does, I am sure the paper passes will still be available, so people who are not up on their technology can also fly.

> Two questions: First, am I allowed to take my cell phone through the detector if it has the boarding pass code on it? If not, it will add time to the process, because the phone will have to be retrieved before I can present it to the guard after the metal detector.
>
> Second question: you say "The paperless boarding pass will also prevent fraudulent paper boarding passes that could be created and printed from home." That of course is only true if only paperless boarding is accepted. How do you plan to work with people who don't have cell phones or PDAs?
>
> June 19, 2009 5:25 PM

When we first began the paperless boarding pass, which was months ago at my airport, we were still checking boarding passes at the WTMD. There were laminated passes that said that you were electronically checked. I am not sure how other airports handle this, but we do not check tickets anymore at the walk through. So you can place your PDA or phone onto the x-ray belt. There is no need for having to retrieve the phone and holding up the lane so the TSO can see it again.

Not everyone has access to this. It will never be fully electronic, because of cases like yours. Not everyone has a phone or PDA and they are aware of this.

You may have noticed that the scanners deployed at ORD are used to scan all boarding passes, paper or on cell phones. The process is very efficient and it is a much more modern process than at airports where the scanners are only used when a passenger has a cell phone boarding pass. Why isn't TSA scanning the paper boarding passes at all airports where the scanners are installed? It seems it would improve the accuracy of the screening.

Anon @ "Second question: you say "The paperless boarding pass will also prevent fraudulent paper boarding passes that could be created and printed from home." That of course is only true if only paperless boarding is accepted. How do you plan to work with people who don't have cell phones or PDAs?"

Simple. Although it looks completely optional in trial, when TSA rolls it out in production, people without TSA-compliant cell phones or PDAs will get retaliatory full-body-pat-downs or make the Hobson's choice of not flying. Just like the "optional" MMW system.

Many thanks for the doc! My quick read says that this is done pretty much the way I would expect (and how I would implement it myself, for the most part).

I still don't agree with the conclusion that this will increase security, but, that mostly is because I don't see a threat from totally anonymous boarding passes, but hey... at least you have the technical specifics right.

For any who care, my summary: The bar code contains your identifying information (including name) and a secure hash that has been signed by the airline with their private key.

However, what I don't see, is mention of which hashes and ciphers will be used, nor how long the keys will be.

Though, given the length of the message, I would assume that birthday attacks on the hash won't be practical?

That would be the main concern that I see. Though, maybe I should just keep my mouth shut :) after all, I don't see any security problem with someone changing the name on their own boarding pass and handing it off to someone else, and that's the only scenario where a birthday attack would be helpful (for all the previously mentioned reasons that breaking these tokens isn't useful).

Dumb idea: more people in line texting and talking on their cell phones, just slowing the lines down more. So now all of us have to wait for them to complete their call so they can scan the PDA/iPhone. I hope you have a line for us folks that have paper.

The 2D codes have a very high tolerance for error reduction in their creation, up to 60% on some. So there would be no issue in 'printing' and the codes not working. However, I do agree with 'Carp' that they can't possibly encrypt a digital signature and all a passenger's details within the barcode because someone will always figure out a way to decrypt/read them. The only way I can think for these to have any use and not be a major security issue is that they would act as a URL to a login page for the passenger?